I'm not seeing the Network Resolution/DNS datamodel/dataset populated from theSplunkAdd-onfor Microsoft WindowsDNS. Theadd-on was installed per the documentation on all WindowsDNS servers.
C...
i have installed theSplunkAdd-onforWindows app to monitor DNS logs using the Debugging enabled option on my server. i am seeing the events ingesting with the proper source type of MSAD:NT6:DNS b...
I need assistance with whitelisting as I can’t make it work. I’m running the free trial version 9.0.0 of Splunk Enterprise. I have 1 Receiver (on a CentOS VM), and some Windows and CentOS s...
Hi Splunkers,
for our customer we collect log from Windows systems. The main configuration details are:
Logs go from DCs to a dedicated HF and then to Splunk Cloud, so the flow is: DCs -> H...
After installing microsoft windowsaddon I could not see applicable tags for network resolution data model with respect to DNS logs. Why I could not see any tag? Any thoughts!
Using splunk 6.0.1 - trying to do some testing with WindowsDNS logs to see if can get the data formatted and dropping events we dont want to keep. I found some answers onthesplunk site, but e...
Good Morning,
I'm trialing Splunk Cloud in anticipation of a purchase. I have installed Splunk Enterprise as the deployment server and universal forwarders on three servers. My clients are s...
I have installed theSplunkAdd-onfor Microsoft Windows App onthe latest 6.0 Version onSplunk Enterprise 7.3
i am ingesting DNS data using dns_debugging enabled on my DNS server.
the data i...
Hi all,
We have enable windowsDNS debug on our AD servers, but get in wrong domain names. I have tried on our SH two diffrent prop.conf but still wrong domain names. [MSAD:NT6:DNS] E...
Hi All ,
I am trying to get DNS data into Splunk Enterprise Security 4.5
we already have Windows Server DNS logs in Splunk Enterprise, can we map the same data into Enterprise Security?
if y...